Checkmarx

Unclaimed

Application security testing platform

Code Review Testing & QA Vulnerability Scanning

Visit Website

PaidVisit Website

TL;DR - Checkmarx

Checkmarx is an enterprise application security testing platform for finding vulnerabilities in code
It provides SAST, SCA, and DAST scanning integrated into CI/CD pipelines
Custom enterprise pricing based on codebase size and scanning requirements

Pricing: Paid only

Best for: Enterprises & pros

Score: 78/100

Pros & Cons

Pros

Enterprise SAST
Good vulnerability detection
CI/CD integration
Compliance support
Many languages

Cons

Very expensive
False positives
Learning curve
Complex setup
Slow scans

Key Features

SASTSCAIASTAPI securityIaC scanningEnterprise

Pricing Plans

Free Trial

Essentials

Core AppSec

SAST
SCA
API Security
ASPM dashboard

Professional

Expanded coverage

All Essentials
DAST
Container Security
Malicious package protection

Enterprise

Complete solution

All Professional
IaC Security
Secrets Detection
Codebashing training

View full pricing

About Checkmarx

By Toolradar Team·Updated Feb 24, 2026

Checkmarx scans code for security vulnerabilities throughout the development process. Static analysis finds issues in source code. Dependency scanning catches vulnerable packages. Everything integrates into CI/CD. The platform covers the full application security stack. Findings prioritize by risk. Developer tools make fixing issues part of the workflow. Enterprise development organizations with security requirements choose Checkmarx for comprehensive application security testing at scale.

How we evaluate tools →Source: checkmarx.com

Reviews

No reviews yet. Be the first to review Checkmarx!

Write a Review

Best Checkmarx Alternatives

Top alternatives based on features, pricing, and user needs.

NucleiFreemium

Automate custom vulnerability detection and map internet-exposed assets at scale.

GitGuardianFreemium

Secrets detection

tfsecFree

Security scanner for your Terraform code.

ScoutSuiteFree

Open-source multi-cloud security auditing tool for posture assessment.

FortifyFreemium

Comprehensive application security testing for identifying and remediating vulnerabilities.

ZeroPathPaid

AI-native application security platform that finds and auto-fixes critical code vulnerabilities.

See all Code Review tools →

Explore More

Best Code Review Tools Best Testing & QA Tools Best Vulnerability Scanning Tools

Checkmarx FAQ

What is Checkmarx?

Checkmarx is an enterprise application security testing (AST) platform that helps developers find and fix security vulnerabilities in their code through SAST, SCA, DAST, and more.

How much does Checkmarx cost?

Checkmarx uses custom enterprise pricing based on your organization's needs. Contact their sales team for a quote tailored to your requirements.

What is SAST in Checkmarx?

SAST (Static Application Security Testing) analyzes your source code to find security vulnerabilities without running the application, catching issues early in development.

Does Checkmarx support multiple languages?

Yes, Checkmarx supports 30+ programming languages including Java, JavaScript, Python, C#, Go, PHP, Ruby, and many others.

Can Checkmarx integrate with CI/CD pipelines?

Yes, Checkmarx integrates with popular CI/CD tools like Jenkins, GitHub Actions, GitLab CI, Azure DevOps, and others to automate security scanning in your workflow.

Source: checkmarx.com